Collaborate Disseminate
If someone tampers with data being transmitted over HTTPS using TLS, would that result in a corrupted decrypted message or would it result in the error being detected such as through a cryptographic checksum and retransmitted?
Let’s say “User A” has a set of data like below. Each entry has been hashed (sha256) to ensure integrity within a single entry. You can’t modify data of a single entry without also modifying the corresponding hash:
[
{ data: “000000”, has… Continue reading Is multiplying hashes a valid way to ensure two sets of data are identical (but in arbitrary order)
I ran the Test Network example from Hyperledger Fabric Sample and I update the config to use CouchDB.
My goal it’s to find a way to catch the peer who try to tamper data.
I tampered CAR4 from the CouchDB UI (peer0 from Org1):
{
“_id”:… Continue reading Hyperledger Fabric – How can we catch the peer who try to tamper data?
Tamper-Evident devices and measures are devices which in some way indicate that an event not intended by the developer or manufacturer has occurred. Examples of tamper-evident devices are stickers that leave specific residue or are destroy… Continue reading Are there any standards or guidelines tamper-evident devices can adhere to?
I read in the answer here by Marcus that ROM is Tamper-proof.
What is the difference between tamper-proof, tamper protected and tamper-resistant?
Now, there are some re-writable memory (eg. eNVM) that can be configured to have some of … Continue reading Tamper Protected VS. Tamper Proof for write-protected memories
Progress and the proliferation of computers in automotive applications have almost made the shade tree mechanic a relic of the past. Few people brave the engine compartment of any car made after 1999 or so, and fewer still dive into the space behind the dashboard. More’s the pity, because someone …read more
Continue reading Dashboard Dongle Teardown Reveals Hardware Needed to Bust Miles
Samsung phones come with a security seal that says you should not buy the phone if it is broken. Is this proof that no one has tampered with the phone?
Is there some way to take off the seal and paste a new one. Perhaps with… Continue reading Is the security seal on samsung phones proof that the phone has not been tampered with?
Recently, I have downloaded a game from Steam. I wondered whether it was somehow possible to alter the data of the game and replace it with malware without the computer it was sent to noticing. Basically, is it likely that I … Continue reading Protection against tampering
I want to know what is the best approach for preventing URL Jumping / URL Tampering Attacks
Example
updateprofile.php?uid=1
I can change to
updateprofile.php?uid=2
I can update the second user’s profile without loggi… Continue reading Semantic URL Attack Mitigation
Say I have some Apache logs that show brute force attempts on a login page. I’ve singled out the IP, and found out who the culprit was. How can I show to a third party that I didn’t makeup the entries in those logs?
Is there… Continue reading Prove log files weren’t tampered with?